WebApp Sec mailing list archives
Re: Is logoff feature necessary
From: Luciano Miguel Ferreira Rocha <strange () nsk no-ip org>
Date: Tue, 2 May 2006 10:32:20 +0100
On Tue, May 02, 2006 at 07:41:02AM -0000, test.future () gmail com wrote:
We have a web applicaiton which do not have logoff button. The developer claims that it is unnecessary, since the session can be terminated by closing the browser. Is it correct? Thanks.
Yes, session cookies are removed on exit. But why force people to terminate the browser when they want to logout from that site? -- lfr 0/0
Attachment:
_bin
Description:
Current thread:
- Is logoff feature necessary test . future (May 02)
- Re: Is logoff feature necessary Vicente Aguilera (May 03)
- Re: Is logoff feature necessary Daniel Persson (May 03)
- Re: Is logoff feature necessary Peter Conrad (May 03)
- Re: Is logoff feature necessary Luciano Miguel Ferreira Rocha (May 03)
- Re: Is logoff feature necessary ViersOnline (May 03)
- RE: Is logoff feature necessary Deepu Thomas Philip (May 03)
- Re: Is logoff feature necessary Michael Silk (May 03)
- Re: Is logoff feature necessary Dave Ferguson (May 03)
- RE: Is logoff feature necessary Rod Divilbiss (May 03)
- RE: Is logoff feature necessary Auri Rahimzadeh (May 03)
- Administrivia: Is logoff feature necessary Andrew van der Stock (May 03)
- RE: Is logoff feature necessary Keith Duffin (May 03)
- Re: Is logoff feature necessary Andrew van der Stock (May 03)
- RE: Is logoff feature necessary Auri Rahimzadeh (May 03)
- RE: Is logoff feature necessary wa0qmj (May 03)